CASB version 3.154 released limited support for the GitHub CLI.
Resolution
CASB techdoc describes what GitHub activity is supported by GitHub CLI and what is only support via web.
The following are known limitations:
Github needs to be configured to use a Windows certificate store (git config --global http.sslbackend schannel)
Filenames are not available for upload/download events, repository names are available instead.
Access Enforcement policy doesn't work well for Session-Auth due to client caching tokens. But, would work for upload/download activities.
Cloud Service username is not available and falls back to CloudSOC user.
DLP scan doesn't work for most scenarios due to upload/download being encrypted
OA Pair Details
OA Pair – Session -Auth
Login:
Command : gh auth login --with-token < token.txt
User Name not available
Command: gh auth login
Logout:
Command: gh auth logout
Display Auth info Command: gh auth status Since the traffic for this command matches with login/logout , performing this activity also generates Session-Auth OA